Professional Documents
Culture Documents
Attachment 2
Attachment 2
Attachment 2
Learning Topic
Access Control
Dover Castle
Dover castle, built by King Henry II, was a way to control physical access.
Access control is the process by which permissions are granted for given
1 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
The access control model used is determined based on the needs of the
organization. To determine the best model, a risk assessment should be
performed to determine what threats might be applicable. This
information is then used to assess which model can best protect against
the threats.
2 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
Resources
Required
3 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
Recommended
4 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
/byid/9af7f492‐ac89‐4c7a‐992f‐b4796cf3196e)
5 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
SoD
MAC
RBAC
DAC
Question 2
When a retail company places access control policies in
place for its cashiers, it has implemented which of the
following types of policies?
role‐based policy
identity‐based policy
Question 3
6 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
Question 4
When controlling access to an object by a subject, security
professionals must set up access rules. The following are
the three access control models that can be used to set up
these rules.
Question 5
Rule‐based access control (RuBAC) access is determined by
rules that are in which of the following categories?
7 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
Question 6
Which of the following is the category with rules that are
not established by user preferences and can only be
changed administratively?
Question 7
Which of the following is true of the mandatory access
control environment?
Question 8
8 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
Question 9
Which of the following is not an access control technique?
Question 10
In some access control models, the data owner or resource
owner can specify access to resources based on identity.
Which of the following access control models does this
describe?
9 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
Question 11
As the name implies, which of the following access control
models is an example of DAC based on the characteristic of
the user?
10 of 11 4/24/2021, 8:45 PM
Access Control https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...
All links to external sites were verified at the time of publication. UMGC is not responsible for the
validity or integrity of information located at external sites.
11 of 11 4/24/2021, 8:45 PM